Welcome! » Log In » Create A New Profile

Maximum execution time with certain input

Posted by Lars 
Forum List Message List New Topic
Lars
Maximum execution time with certain input
May 17, 2010 04:04AM

Hi,

HTMLpurifier 4.1.0 works perfectly here, except for a few special input cases, where it enters a neverending loop:

require_once 'htmlpurifier/library/HTMLPurifier.auto.php';
$config = HTMLPurifier_Config::createDefault();
$purifier = new HTMLPurifier($config);
$t = '<i><ul></ul></i>';
$p = $purifier->purify($t);

You can replace the I tag with B or STRONG and it will still run forever.

This is running on PHP 5.3.2.

Best regards Lars

Reply Quote
Ambush Commander
Re: Maximum execution time with certain input
May 17, 2010 11:24AM

Wow, that's pretty serious. Will investigate.

Reply Quote
Ambush Commander
Re: Maximum execution time with certain input
May 17, 2010 11:30PM

Fixed in 875b0febde.

Reply Quote
Lars
Re: Maximum execution time with certain input
May 18, 2010 02:27AM

Thats works - thanks a lot!

I think I owe you a beer for that quickfix.

Best regards Lars

Reply Quote
Newer Topic Older Topic
Author:
Your Email:

Subject:

HTML input is enabled. Make sure you escape all HTML and angled brackets with &lt; and &gt;.

Auto-paragraphing is enabled. Double newlines will be converted to paragraphs; for single newlines, use the pre tag.

Allowed tags: a, abbr, acronym, b, blockquote, caption, cite, code, dd, del, dfn, div, dl, dt, em, i, ins, kbd, li, ol, p, pre, s, strike, strong, sub, sup, table, tbody, td, tfoot, th, thead, tr, tt, u, ul, var.

For inputting literal code such as HTML and PHP for display, use CDATA tags to auto-escape your angled brackets, and pre to preserve newlines: 

<pre><![CDATA[
Place code here
]]></pre>

Power users, you can hide this notice with: 

.htmlpurifier-help {display:none;}

Message: